Easy-of-use : What I try to do is making pen-tester more care about result, not the process. All you should do is clicking the buttons. Amazing Speed : so many people told you things about brute sql injection, is it really necessary? Forget char-by-char, we can row-by-row(of cource, not every injection-point can do this)?The exact check method : do you really think automated tools like AWVS,APPSCAN can find all injection-points?